British legislation to enforce encryption key disclosure

The British government is preparing to give its police the authority to force organizations and individuals to disclose encryption keys, a move that has outraged some security and civil-rights experts.

The legislation that gives the police such authority is contained within Part 3 of the Regulation of Investigatory Powers Act. The RIP Act, also known as RIPA, was introduced in 2000, but the government has held back from bringing Part 3 into effect. Now, more than five years after the original act was passed, the Home Office is seeking to exercise the powers within Part 3.

Some security experts are concerned that the plan could criminalize innocent people and drive businesses out of the United Kingdom. But the Home Office, which has just launched a consultation process, says the legislation contained in Part 3 is needed to combat an increased use of encryption by criminals, pedophiles and terrorists.

"The use of encryption is...proliferating," Liam Byrne, Home Office minister of police and security, told Parliament last week. "Encryption products are more widely available and are integrated as security features in standard operating systems, so the government has concluded that it is now right to implement the provisions of Part 3 of RIPA...which is not (currently) in force."

Part 3 of the RIP Act gives the police powers to order the disclosure of encryption keys or force suspects to decrypt encrypted data.

Anyone who refuses to hand over a key to the police would face up to two years of imprisonment. Under current antiterrorism legislation, terrorist suspects now face up to five years for withholding keys.

If Part 3 is brought into effect, financial institutions could be compelled to give up the encryption master keys they use for banking transactions, security experts have warned.

"The controversy here (lies in) seizing keys, not in forcing people to decrypt. The power to seize encryption keys is spooking big business," Cambridge University security expert Richard Clayton told ZDNet UK on Wednesday.

"The notion that international bankers would be wary of bringing master keys into (the United Kingdom) if they could be seized as part of legitimate police operations, or by a corrupt chief constable, has quite a lot of traction," Clayton added. "With the appropriate paperwork, keys can be seized. If you're an international banker, you'll plunk your headquarters in Zurich."

Opponents of the RIP Act have argued that the police could struggle to enforce Part 3, as people can argue that they don't possess the key to unlock encrypted data in their possession.

"It is, as ever, almost impossible to prove 'beyond a reasonable doubt' that some random-looking data is, in fact, cipher text and then prove that the accused actually has the key for it--and that he has refused a proper order to divulge it," encryption expert Peter Fairbrother pointed out on UKcrypto, a public e-mail discussion list.

Clayton backed up this point. "The police can say, 'We think he's a terrorist' or 'We think he's trading in kiddie porn', and the suspect can say, 'No, they're love letters; sorry, I've lost the key.' How much evidence do you need (to convict)? If you can't decrypt (the data), then by definition, you don't know what it is," Clayton said.

The Home Office on Wednesday told ZDNet UK that it would not reach a decision about whether Part 3 will be amended until the consultation process has been completed.

"We are in consultation, and (are) looking into proposals on amendments to RIPA," a Home Office representative said. "The Home Office is waiting for the results of the consultation" before making any decisions.

The Home Office said last week that the focus on key disclosure and forced decryption was necessary due to "the threat to public safety posed by terrorist use of encryption technology".

Clayton, on the other hand, argues that terrorist cells do not use master keys in the same way governments and businesses do.

"Terrorist cells use master keys on a one-to-one basis, rather than using them to generate pass keys for a series of communications. With a one-to-one key, you may as well just force the terrorist suspect to decrypt that communication or use other methods of decryption," Clayton said.

"My suggestion is to turn on all of Part 3, except the part about trying to seize keys. That won't create such a furor in financial circles," he said.